diff options
| author | Tim Smith <tsmith84@gmail.com> | 2019-09-11 14:13:14 -0700 |
|---|---|---|
| committer | Tim Smith <tsmith84@gmail.com> | 2019-09-11 14:13:14 -0700 |
| commit | 37ee85044a8ca7f286ae7eb558c34680dbcd5dc4 (patch) | |
| tree | efaa0c487011be817f6755f7e45ae878c271ff5b /RELEASE_NOTES.md | |
| parent | 3498039af9402f0025c48ab0cba9c0f7ed9764eb (diff) | |
| download | chef-37ee85044a8ca7f286ae7eb558c34680dbcd5dc4.tar.gz | |
Add security updates to the release notes
Signed-off-by: Tim Smith <tsmith@chef.io>
Diffstat (limited to 'RELEASE_NOTES.md')
| -rw-r--r-- | RELEASE_NOTES.md | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index eb068f3278..23e2fdd567 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -87,6 +87,20 @@ Chef InSpec has been updated from 4.10.4 to 4.16.0 with the following changes: - The `service` resource now includes a new `startname` property for determining which user is starting the Windows services. - The `groups` resource now properly gathers membership information on macOS hosts. +## Security Updates + +### Ruby + +Ruby has been updated from 2.6.3 to 2.6.4 in order to resolve [CVE-2012-6708](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6708) and [CVE-2015-9251](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251). + +### openssl + +openssl has been updated from 1.0.2s to 1.0.2s in order to resolve [CVE-2019-1563](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563) and [CVE-2019-1547](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547). + +### nokogiri + +nokogori has been updated from 1.10.2 to 1.10.4 in order to resolve [CVE-2019-5477](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5477) + # Chef Infra Client 15.2 ## Updated Resources |